Introduction

This document describes system requirements, important notes, new and changed information, installation and upgrade procedures, and caveats for client adapter Install Wizard version 1.3 and the following software included in the Install Wizard file:

Note The EAP-SIM supplicant included in the Install Wizard file supports only Gemplus SIM+ cards; however, an updated supplicant is available that supports standard GSM-SIM cards as well as more recent versions of the EAP-SIM protocol. The new supplicant is available for download from Cisco.com at the following URL:

•Access points to which your client adapter may attempt to authenticate must use the following firmware versions or later: 12.00T (340, 350, and 1200 series access points) or Cisco IOS Release 12.2(4)JA (1100 series access points).

Note To use WPA or fast roaming, access points must use Cisco IOS Release 12.2(11)JA or later. To use radio management (RM), access points must use Cisco IOS Release 12.2(13)JA or later.

•All necessary infrastructure devices such as access points, servers, gateways, and user databases must be properly configured for any authentication type you plan to enable on the client.

Important Notes

Customized Installation Images (Notice to IT Professionals)

Caution Use caution when bundling the client adapter software into a customized installation image. If the registry settings are modified, the software may not install and uninstall properly.

Firmware Is Upgraded Automatically

The Install Wizard automatically upgrades the client adapter firmware to the version included in the Install Wizard file.

Note Applications such as AirMagnet and Wild Packets may fail after the firmware is upgraded. To resolve this problem, use ACU to downgrade the firmware to the previous version. Older versions of client adapter firmware are available from the Software Center on Cisco.com.

Reboot Required When Uninstalling ACU

Caution When you uninstall ACU, make sure you reboot your computer when prompted. Otherwise, the system may be rendered unable to boot, displaying the message "The Logon User Interface DLL cswGina.dll failed to load. Contact your system administrator to replace the DLL or restore the original DLL."

Uninstalling Software Components

All profiles are deleted if you use the Uninstall All Components option on the Cisco Aironet Wireless LAN Client Adapter Installation Wizard screen to uninstall the client adapter software. Cisco recommends that you use the Profile Manager's export feature to save your profiles before uninstalling the software.

Inserting and Removing Client Adapters

The following rules apply when inserting and removing client adapters:

•If you start ACU while a client adapter of one radio type is inserted (such as a 350 series PC card) and then eject the card and replace it with a card of another radio type (such as a CB20A PC-Cardbus card), ACU displays "Your Wireless LAN Adapter is not inserted" until ACU is shut down and restarted.

•The profiles for PC-Cardbus cards are tied to the slot in which the card is inserted. Therefore, you must always insert your PC-Cardbus card into the same slot, create profiles for both slots, or export the profiles for one slot and import them for the other slot.

New EAP-SIM Supplicant Available

A new EAP-SIM supplicant is available for download from Cisco.com. This new supplicant is an upgrade to the one included in the Install Wizard file. It provides new features, supports more recent versions of the EAP-SIM draft standard, and can be used with standard GSM-SIM cards as well as Gemplus SIM+ smartcards.

The new supplicant overwrites any previous EAP-SIM supplicant settings. If you plan to install the Cisco Aironet Install Wizard file after the new supplicant is installed, either perform an express installation or make sure the EAP-SIM option is not selected on the Custom Installation screen. Otherwise, the EAP-SIM supplicant included in the Install Wizard file overwrites the new supplicant's settings.

If your computer is running Windows XP and you configured your client adapter using ACU, the Windows Wireless Network Connection icon in the Windows system tray may be marked with a red X and show an unavailable connection even though a wireless connection exists. This condition is caused by a conflict between ACU and Windows XP's wireless network settings. Simply ignore the Windows icon and use the ACM icon to check the status of your client adapter's wireless connection.

In order to access Cisco Aironet software from the Software Center on Cisco.com, you must fill out a form to receive authorization to download encrypted software. Registered Cisco.com users are required to fill out the form only once, but public users must do so once each session, each time software is downloaded. A form is automatically created for public users. The form for registered Cisco.com users is at the following URL:

Note Install Wizard version 1.3 and its software components are not supported for use with Cisco Aironet 340 series client adapters.

New and Changed Information

Support for EAP-FAST Authentication

Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST) authentication is a new IEEE 802.1X authentication type available for Cisco Aironet 350 series and CB20A client adapters on computers running Windows 2000 or XP. EAP-FAST offers flexible, easy deployment and management, supports a variety of user and password database types, supports server-initiated password expiration and change, and does not require digital certificates. Cisco developed EAP-FAST for customers who want to deploy an 802.1X EAP type that does not use certificates and provides protection from dictionary attacks. For example, a customer using Cisco LEAP who cannot enforce a strong password policy and does not want to use certificates can migrate to EAP-FAST for protection from dictionary attacks. EAP-FAST allows for a seamless migration from LEAP.

Note If you change an old LEAP profile (one that was created using ACU version 6.2 or earlier) with a saved username and password to EAP-FAST, you are prompted to re-enter your password if you try to save the profile without entering a new password.

•Phase 0 enables the client to dynamically provision a protected access credentials (PAC) when necessary. During this phase, a PAC is generated securely between the user and the network.

•Phase 1 uses the PAC to establish a mutually authenticated and secure tunnel between the client and the RADIUS server. RADIUS servers that support EAP-FAST include Cisco Secure ACS version 3.2.3 and later.

•Phase 2 performs client authentication in the established tunnel.

EAP-FAST is enabled or disabled for a specific profile through ACU, provided the EAP-FAST security module was selected during installation. After EAP-FAST is enabled, a variety of configuration options are available, including how and when a username and password are entered to begin the authentication process and whether automatic or manual PAC provisioning is used.

The client adapter uses the username, password, and PAC to perform mutual authentication with the RADIUS server through the access point. The username and password need to be re-entered each time the client adapter is inserted or the Windows device is rebooted, unless you configure your adapter to use saved EAP-FAST credentials.

PACs are created by Cisco Secure ACS and are identified by an ID. The user obtains his or her own copy of the PAC from the server, and the ID links the PAC to the profile created in ACU. When manual PAC provisioning is enabled, the PAC file is manually copied from the server and imported onto the client device. The following rules govern PAC storage:

•In most cases PACs are provisioned and stored separately for each Windows logon user. These per-user PACs are not viewable by other users.

•If a profile is configured to use manual provisioning, each user must manually provision his or her own PAC for that profile.

•PAC files can be added or replaced using the import feature, but they cannot be removed or exported.

•For profiles configured with saved EAP-FAST usernames and passwords, the PACs are not stored per user but in a global PAC area shared by all users. Global PACs are also enabled when the No Network Connection Unless User Is Logged In checkbox is unchecked. These global PACs can be imported and used by all users.

Note PACs are also stored globally on computers that use the Novell Network login prompt or any other third-party login application that does not share its credentials with the EAP-FAST supplicant.

EAP-FAST authentication is designed to support the following user databases over a wireless LAN:

•Cisco Secure ACS internal user database

•Cisco Secure ACS ODBC user database

•Windows NT/2000/2003 domain user database

•LDAP user database

LDAP user databases (such as NDS) support only manual PAC provisioning while the other three user databases support both automatic and manual PAC provisioning.

WPA Migration Mode Now Supported by Clients

The software components included in client adapter Install Wizard version 1.3 now support Wi-Fi Protected Access (WPA) migration mode for 350 series and CB20A cards. WPA migration mode is an access point setting that enables both WPA and non-WPA clients to associate to an access point using the same SSID. To use this feature, the access point must be configured for migration mode (WPA optional with TKIP+WEP128 or TKIP+WEP40 cipher).

Radio Management Support on CB20A Cards

In ACU version 6.3 the Enable Radio Management Support parameter has been added to the Advanced (Infrastructure) Parameters screen for CB20A PC-Cardbus cards. Checking this check box enables the access point to which the client adapter is associated to control the use of radio management (RM), provided RM is enabled on the access point. RM, a component of the Cisco Structured Wireless-Aware Network (SWAN), is a system-wide feature that involves multiple infrastructure nodes. The RM feature on the access point acts on radio measurement requests from other network devices to instruct the access point and its associated clients to perform required radio measurements and then report them.

This parameter is available in ACU version 6.2 or later for 350 series client adapters using firmware version 5.30.15 or later and in ACU version 6.3 or later for CB20A client adapters using firmware version 5.40.10 or later.

Note Access points must use Cisco IOS Release 12.2(13)JA or later to enable RM. Refer to the documentation for your access point for instructions on enabling this feature.

Quiet Mode

A quiet mode feature is now available for Cisco Aironet client adapters in Install Wizard version 1.3. Enabling this feature forces the client to become quiet (to passively scan or listen) when its associated access point is turned off. In quiet mode, the client generates radio frequency energy only in direct response to an access point transmission. When the access point is turned back on, it starts sending beacons, which the client hears and can now respond to.

Quiet mode can be enabled or disabled from either the Custom Installation screen in the Install Wizard or the Commands drop-down menu in ACU.

Note The quiet mode feature applies to individual cards rather than profiles. It can be set differently for different cards and remains in effect across ACU sessions and computer reboots.

User and Domain Names

The following changes apply to both LEAP and EAP-FAST authentication:

•The maximum length of the combined username and domain name has been increased from 32 to 64 characters. Therefore, you can enter up to 64 characters for the username if a domain is not specified or up to 63 characters for a username and domain name combination. For a combination username and domain name, one character is used for the separating slash (for example, domain\user).

Note Cisco Secure ACS version 3.2.3 supports only 20-character usernames and 36-character username and domain name combinations when used with a Windows NT/2000/2003 domain user database. However, the next release of Cisco Secure ACS should support the new 64-character maximum.

•The LEAP and EAP-FAST Settings screens in ACU support a new format for entering saved usernames. You can enter a string such as username@domain.com in the User Name field. A maximum of 64 ASCII characters, including the @ symbol, can be entered for the username@domain.com string. If you include the domain name in the User Name field, the Domain field becomes disabled.

Note Cisco Secure ACS version 3.2.3 does not support usernames with this format. However, the next release of Cisco Secure ACS should support them.

Installing or Upgrading Client Adapter Software

Follow these steps to use Install Wizard version 1.3 to install or upgrade client adapter software on a computer running Windows 2000 or XP.

Note Install Wizard version 1.3 and its software components are not supported for use with Windows 98, 98 SE, NT, and Me.

Note You do not need to uninstall any previous versions of Cisco Aironet client adapter software (firmware, drivers, or utilities) or previous versions of the Install Wizard prior to installing Install Wizard version 1.3.

Note You can download software from the Software Selector tool instead of the display tables. To do so, choose Option #1: Aironet Wireless Software Selector, follow the instructions on the screen, and go to Step 6.

Step 6 Complete the encryption authorization form; then read and accept the terms and conditions of the Software License Agreement.

Step 7 Click the file again to download it.

Step 8 Save the file to your computer's hard drive.

Step 9 Insert the client adapter into your computer if it is not already inserted.

Caution Do not eject your client adapter at any time during the installation process, including during the reboot.

Step 10 If a driver is not currently installed for your client adapter, the Found New Hardware Wizard screen appears. Click Cancel.

Step 11 Find the Install Wizard file using Windows Explorer, double-click it, and extract its files to a folder.

Note To extract the files, click Browse on the WinZip Self-Extractor screen, choose the folder in which you want the files to be placed, and click OK and Unzip. After the files are extracted, click OK to close the screen.

Note To ensure compatibility among software components, Cisco recommends that you perform an express installation. If you perform a custom installation, Cisco recommends that you install all components.

•Custom Installation/Upgrade—Enables you to specify which software components are installed and to change the default values of certain parameters.

Step 14 If a message appears indicating that you may be required to restart your computer at the end of the installation process, click OK.

Note If you click Cancel, the installation process terminates.

Step 15 If you chose an express installation, go to Step 17. If you chose a custom installation, the Custom Installation screen appears (see Figure 2).

Figure 2 Custom Installation Screen

Step 16 Follow these steps to make selections on this screen.

a. Make sure a check mark appears beside every software component that you want to install. For every component that is checked, the Install Wizard installs its version of that component. Every component that is not checked remains as it currently is on your system.

Note Click the + sign beside the Security Modules option to reveal the available security components.

Note Some components are dependent on others. Therefore, when you select or deselect these components, the settings of other components may change. A dependency notice appears when this occurs.

b. Click the + sign beside each component to view additional parameters. The current value of each parameter appears in the Value field.

c. To change the value of any parameter, click its current value in the Value field. A screen appears that lets you change the existing value.

d. Enter or select a new value and click OK. Table 1 describes each component and its parameters and lists any default value.

Table 1 Software Components and Their Parameters

Component or Parameter

Description

Firmware

Installs the firmware version included in the Install Wizard file.

Default: Checked

Disable Firmware Checking

The Disable Firmware Checking parameter affects the firmware that is bundled with the driver, not the firmware that is included in the Install Wizard. It controls whether the driver (whenever it loads) installs the firmware with which it is bundled.

Note The driver loads each time you insert a client adapter or reboot your computer.

Options: Yes or No

Default: Yes

Disable Firmware Checking

Description

Yes

Prevents the driver from installing the firmware with which it is bundled, enabling the client adapter to retain its current firmware version.

No

Causes the driver to install the firmware with which it is bundled if that firmware is newer than the firmware that is currently installed in the client adapter.

Note The Disable Firmware Checking parameter is functionally equivalent to the Automatically Load New Firmware When NDIS Driver Is Updated parameter on the ACU Preferences screen. The parameter that is set last is the one that governs how the driver behaves.

Drivers

Installs the driver version included in the Install Wizard file.

Default: Checked

Set Quiet Mode?

Specifies whether the client becomes quiet (to passively scan or listen) when its associated access point is turned off. In quiet mode, the client generates radio frequency energy only in direct response to an access point transmission. When the access point is turned back on, it starts sending beacons, which the client hears and can now respond to.

This parameter applies to individual cards rather than profiles. It can be set differently for different cards and remains in effect across ACU sessions and computer reboots.

Options: Yes or No

Default: No

Note You can also change the quiet mode setting in ACU by choosing the Turn Quiet Mode On/Off option from the Commands drop-down menu.

Aironet Client Utility

Installs the ACU version included in the Install Wizard file.

Default: Checked

Installation Path

Determines the path where the ACU software will be installed. You can change the default by entering a new path.

Default: C:\Program Files\Cisco Systems\Aironet Client Utility

Program Folder

Determines the program folder where the ACU software will be installed. You can change the default by entering a new folder name.

Default: Cisco Systems

Place Icon on Desktop

Causes the installation program to add an ACU icon to your computer's desktop to provide quick access to the utility.

Options: Yes or No

Default: Yes

Allow Non-Administrator Users to Save Settings to the Registry

Enables users without administrative rights to modify profiles in ACU and save them to the registry.

Options: Yes or No

Default: Yes

Aironet Client Monitor

Installs the ACM version included in the Install Wizard file.

Default: Checked

Installation Path

Determines the path where the ACM software will be installed. You can change the default by entering a new path.

Default: C:\Program Files\Cisco Systems\Aironet Client Monitor

Program Folder

Determines the program folder where the ACM software will be installed. You can change the default by entering a new folder name.

Default: Cisco Systems

Auto Start

Determines whether ACM starts automatically every time Windows boots.

Options: Yes or No

Default: Yes

Note If you choose No, you can later activate ACM by using Windows Explorer to find the path where the ACM software is installed and double-clicking ACUMon.exe.

Start After Install

Determines whether ACM starts automatically after ACM is installed.

Options: Yes or No

Default: Yes

Note If you choose No, you can later activate ACM by using Windows Explorer to find the path where the ACM software is installed and double-clicking ACUMon.exe.

Program Feature Overrides

Determines which ACM components are enabled. If any components are not selected now and you later want to use them, you must run this installation program again and enable them.

Components: See the table below

Options per component: Enable or Disable

Default per component: Enable

Component

Description

About Box (Help)

Displays the ACM version number and enables you to access the online help.

Exit Program

Closes ACM for all client adapters.

Launch Aironet Client Utility

Activates ACU, if it is installed.

Troubleshooting

Activates the troubleshooting utility, which enables you to identify and resolve configuration and association problems with your client adapter.

Preferences

Enables you to determine when ACM runs and to select the options that appear on the ACM pop-up menu.

Turn Radio On/Off

Turns the client adapter's radio on or off.

Reauthenticate

Forces your client adapter to try to reauthenticate using the username and password of the current profile.

Select Profile

Enables you to select the active profile for your client adapter.

Auto Profile Selection

Causes the client adapter's driver to automatically select a profile from the list of profiles that were set up in ACU to be included in auto profile selection.

Other Configuration Application

Enables an application other than ACU to configure the client adapter.

Installs the LEAP supplicant included in the Install Wizard file. Installing the LEAP supplicant enables you to create a profile in ACU that uses LEAP authentication. If this option is not selected now and you later want to create a profile that uses LEAP, you must run this installation program again and choose this option.

Enables you to create a profile in ACU that uses a saved (rather than temporary) username and password for LEAP authentication. When such a profile is selected, the saved username and password are used to start the LEAP authentication process, and you are not prompted to enter them.

Options: Yes or No

Default: Yes

EAP-SIM

Installs the EAP-SIM supplicant included in the Install Wizard file. Installing the EAP-SIM supplicant enables the client to support EAP-SIM authentication. If this option is not selected now and you later want to use EAP-SIM, you must run this installation program again and choose this option.

Default: Unchecked

Note To enable EAP-SIM authentication, your computer must run Windows 2000 with the Microsoft 802.1X supplicant installed or Windows XP.

Note If you installed the new EAP-SIM supplicant from Cisco.com (see the "New EAP-SIM Supplicant Available" section), make sure the EAP-SIM option is not selected. Otherwise, the EAP-SIM supplicant included in the Install Wizard file overwrites the new supplicant's settings.

PEAP

Installs the PEAP supplicant included in the Install Wizard file. Installing the PEAP supplicant enables the client to support PEAP authentication. If this option is not selected now and you later want to use PEAP, you must run this installation program again and choose this option.

Note Service Pack 1 for Windows XP and the Microsoft 802.1X supplicant for Windows 2000 include Microsoft's PEAP supplicant, which supports a Windows username and password only and does not interoperate with Cisco's PEAP supplicant. To use Cisco's PEAP supplicant, install the Install Wizard file after Windows XP Service Pack 1 or the Microsoft 802.1X supplicant for Windows 2000. Otherwise, Cisco's PEAP supplicant is overwritten by Microsoft's PEAP supplicant.

EAP-FAST

Installs the EAP-FAST supplicant included in the Install Wizard file. Installing the EAP-FAST supplicant enables you to create a profile in ACU that uses EAP-FAST authentication. If this option is not selected now and you later want to create a profile that uses EAP-FAST, you must run this installation program again and choose this option.

Default: Checked

Note The EAP-FAST supplicant is installed and can be enabled only on computers running Windows 2000 or XP.

Enables you to create a profile in ACU that uses a saved (rather than temporary) username and password for EAP-FAST authentication. When such a profile is used, the saved username and password are used to start the EAP-FAST authentication process, and you are not prompted to enter them.

Options: Yes or No

Default: Yes

Note This parameter is applicable only to client adapters that are installed in computers running Windows 2000 or XP.

Allow Auto-Provisioning?

Enables a protected access credentials (PAC) file to be obtained automatically as needed (for instance, when a PAC expires, when the client adapter accesses a different server, when the EAP-FAST username cannot be matched to a previously provisioned PAC, etc.).

Options: Yes or No

Default: Yes

Note This parameter is applicable only to client adapters that are installed in computers running Windows 2000 or XP.

e. When you are finished making selections, click Next.

Step 17 The installation process begins, and you are notified as each component is installed. Perform one of the following:

•If a message appears indicating that the system is about to reboot, click OK and allow your computer to restart.

•If the following message appears, click OK and then reboot your computer: "The installation will complete and applications will be installed when a wireless LAN client adapter is inserted. If an adapter is already inserted, remove and reinsert the adapter or reboot the machine."

The Found New Hardware screen appears. Depending on your computer's operating system, you may have to click Next. The driver and other software components are installed. Then an ACM icon appears in the Windows system tray (unless you changed the default value during installation). Perform one of the following:

–If a message appears indicating that the system is about to reboot, click OK and allow your computer to restart.

Step 18 If you want to install a second client adapter, allow your computer to reboot completely; then insert the second adapter into your computer. Depending on your computer's operating system, one of the following scenarios occurs:

•The Found New Hardware Wizard screen appears. Depending on your computer's operating system, you may have to click Next. The driver and other software components are installed, and another ACM icon appears in the Windows system tray. Click Yes or OK when a message appears about rebooting your computer.

Step 19 If your network setup does not include a DHCP server and you plan to use TCP/IP, follow these steps for your operating system. If you have more than one client adapter installed, repeat this step for each adapter.

•Windows 2000—Double-click My Computer, Control Panel, and Network and Dial-up Connections. Right-click Local Area Connection x (where x represents the number of the connection). Click Properties, Internet Protocol (TCP/IP), and Properties. Click Use the following IP address and enter the IP address, subnet mask, and default gateway address of your computer (which can be obtained from your system administrator). Click OK. In the Local Area Connection Properties window, click OK.

Step 20 If you are prompted to restart your computer, click Yes. The installation is complete.

Finding Version Numbers

Follow the instructions in this section to find the version numbers of your client adapter's software components.

Finding the Install Wizard Version

Follow these steps to find the version of the Install Wizard that is currently installed for your client adapter.

Step 1 Open Windows Explorer.

Step 2 Find the Install Wizard files.

Step 3 Right-click the IWSetup.exe or Setup.exe file.

Step 4 Click Properties.

Step 5 Click the Version tab. The File version field shows the version of the currently installed Install Wizard file.

Finding the Firmware and Driver Versions

To find the firmware and driver versions that are currently installed for your client adapter, click the ACU Status icon. The Firmware Version field on the Status screen shows the current firmware version, and the NDIS Driver Version field shows the current driver version.

Finding the ACU Version

To find the version of ACU that is currently installed for your client adapter, click the ACU About icon. The About Aironet Client Utility screen shows the current ACU version.

Finding the ACM Version

To find the version of ACM that is currently installed for your client adapter, right-click the ACM icon and click the About option. The About screen shows the current ACM version.

Caveats

This section describes open and resolved caveats for the software components in this release.

Open Caveats

Open Firmware Caveats

The following caveat has not been resolved in client adapter firmware version 5.40.10.

•CSCeb85992—Client scanning problems with LEAP

Clients using LEAP sometimes experience scanning problems, such as sending probe requests in only the current channel rather than scanning through all channels.

Open Install Wizard Caveats

The following caveat has not been resolved in Install Wizard version 1.3.

When you uninstall ACU version6.x, the Install Wizard deletes the layout.inf file from the Windows\Inf directory (for example, C:\WINNT\Inf), which consequently prevents you from changing the size of Windows fonts. To work around this issue, copy the layout.inf file from another location on your computer (such as the directory containing your Windows installation files or service pack installation files), from your Windows installation disk, or from another computer running the same operating system with files of similar vintage and paste it into your Windows\Inf directory.

Note You can use the Windows Search option to find the layout.inf file. Make sure you set the tool to show hidden files and folders. The layout.inf file will most likely be in the I386 subdirectory of the Windows installation files or service pack installation files.

Open ACU Caveats

The following caveats have not been resolved in ACU version 6.3.

•CSCin51159—ACU Status screen may display incorrect SSID

If your client adapter is configured with multiple profiles, the ACU Status screen may incorrectly display the SSID of a profile that is not is use. However, the functionality of your client adapter is not affected.

•CSCec27947—ACU and ACM show broadcast SSID rather than associated SSID

On Windows XP devices, ACM and the ACU Status screen sometimes show the access point's broadcast SSID rather than the SSID to which the client adapter is associated.

•CSCin58253—PEAP Login screen takes a long time to display for WPA clients

The PEAP login screen (Static Password or One Time Password) can take up to 3 minutes to display after you activate a profile that is configured for PEAP and WPA.

Open ACM Caveats

The following caveats have not been resolved in ACM version 2.3.

•CSCed45720—ACUMon.Exe error occurs if client adapter is not inserted during software upgrade

If the client adapter is not inserted when you attempt to upgrade from client adapter Install Wizard version 1.2 to 1.3, the ACUMon.Exe error occurs. To work around this issue, simply insert your client adapter and continue the software upgrade process.

•CSCin51159—ACM Connection Status screen may display incorrect SSID

If your client adapter is configured with multiple profiles, the ACM Connection Status screen may incorrectly display the SSID of a profile that is not is use. However, the functionality of your client adapter is not affected.

•CSCec06303—ACM icon disappears from system tray

The ACM icon may disappear from the Windows system tray while ACM is running.

Open Driver Caveats

The following caveats have not been resolved in PC, LM, and PCI card driver version 8.5 and mini PCI and PC-Cardbus card driver version 3.8.

•CSCec13533—Login delay using Microsoft WPA supplicant

When you activate a host-based EAP profile under Windows XP with Microsoft's WPA supplicant (Q815485) installed, it can take up to 90 seconds after login for the Windows desktop to appear and several minutes for the client to authenticate.

•CSCec33661—Some Dell laptops fail to obtain IP address

Some Dell laptops fail to obtain an IP address from the DHCP server after being undocked. To work around this issue, restart your computer.

Open Security Module Caveats

If you have a domain, rather than a local, account and do not have a pre-existing PAC, you are required to automatically provision a PAC twice.

•CSCin32330—Many PEAP login screens appear when computer is left idle

If you leave your computer idle while it is using PEAP authentication, you may receive three PEAP login screens upon resume. To resolve this problem, cancel the first two login screens and use the last one (which is on top) to log in.

Other Open Caveats

The following caveat has not been resolved in Cisco Aironet Access Point IOS Release 12.2(13)JA and affects the behavior of Cisco Aironet client adapters running Install Wizard version 1.3.

•CSCed54143—Session disconnects may occur during password changes when using PEAP-GTC

If you are using PEAP-GTC with a Cisco Secure ACS server and you are prompted to change your password, a message appears when you are done indicating that the password change was performed; however, the session may disconnect.

Resolved Caveats

Resolved ACU Caveats

The following caveats are resolved in ACU version 6.3.

•CSCeb86187—LEAP Authentication Status screen takes a long time to display

The LEAP Authentication Status screen can take up to 20 seconds to display after you switch to a LEAP-enabled profile or use the Manual LEAP Login option.

The following caveats are resolved in mini PCI and PC-Cardbus card driver version 3.8.

•CSCed22757 and CSCed70738—XP clients may not get IP address

Computers that are running Windows XP with Service Pack 1 and Microsoft WPA may not be able to get a valid IP address.

•CSCed61987—Client adapter driver does not work with 802.1h encapsulation

Cisco Aironet client adapter driver version 3.7 causes the client adapter's radio to fail to pass data to any access point or bridge whose encapsulation has been changed to 802.1h.

•CSCed35290 and CSCed17363—Blue screen may occur for CB20A cards using 802.1X authentication with Windows XP

A blue screen may occur if you use Windows XP to configure a CB20A card for 802.1X authentication.

Resolved Security Module Caveats

The following caveats are resolved in LEAP security module version 6.2, PEAP security module version 1.01, and EAP-SIM security module version 1.0.

•CSCed31301—Blue screen may occur during Windows login

A blue screen may occur during the Windows login on computers running Windows 2000.

•CSCed13775—LEAP authentication may take a long time

Some Windows XP laptops may take a long time to complete LEAP authentication.

Getting Bug Information on Cisco.com

If you are a Cisco registered user, you can use the Cisco TAC Software Bug Toolkit, which consists of three tools (Bug Navigator, Bug Watcher, and Search by Bug ID Number) that help you to identify existing bugs (or caveats) in Cisco software products.

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.

Cisco.com

You can access the most current Cisco documentation on the World Wide Web at this URL:

Obtaining Technical Assistance

For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, the Cisco Technical Assistance Center (TAC) provides 24-hour-a-day, award-winning technical support services, online and over the phone. Cisco.com features the Cisco TAC website as an online starting point for technical assistance. If you do not hold a valid Cisco service contract, please contact your reseller.

Cisco TAC Website

The Cisco TAC website provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The Cisco TAC website is available 24 hours a day, 365 days a year. The Cisco TAC website is located at this URL:

Opening a TAC Case

Using the online TAC Case Open Tool is the fastest way to open P3 and P4 cases. (P3 and P4 cases are those in which your network is minimally impaired or for which you require product information.) After you describe your situation, the TAC Case Open Tool automatically recommends resources for an immediate solution. If your issue is not resolved using the recommended resources, your case will be assigned to a Cisco TAC engineer. The online TAC Case Open Tool is located at this URL:

For P1 or P2 cases (P1 and P2 cases are those in which your production network is down or severely degraded) or if you do not have Internet access, contact Cisco TAC by telephone. Cisco TAC engineers are assigned immediately to P1 and P2 cases to help keep your business operations running smoothly.

TAC Case Priority Definitions

To ensure that all cases are reported in a standard format, Cisco has established case priority definitions.

Priority 1 (P1)—Your network is "down" or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.

Priority 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.

Priority 3 (P3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.

Priority 4 (P4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is available from various online and printed sources.

•Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Go to this URL to visit the company store:

•Cisco Press publishes a wide range of general networking, training and certification titles. Both new and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press online at this URL:

•Packet magazine is the Cisco quarterly publication that provides the latest networking trends, technology breakthroughs, and Cisco products and solutions to help industry professionals get the most from their networking investment. Included are networking deployment and troubleshooting tips, configuration examples, customer case studies, tutorials and training, certification information, and links to numerous in-depth online resources. You can access Packet magazine at this URL:

•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in designing, developing, and operating public and private internets and intranets. You can access the Internet Protocol Journal at this URL:

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0402R)